Exam Name: | CompTIA Security+ Exam 2021 | ||
Exam Code: | SY0-601 Dumps | ||
Vendor: | CompTIA | Certification: | CompTIA Security+ |
Questions: | 1063 Q&A's | Shared By: | henri |
A security analyst was asked to evaluate a potential attack that occurred on a publicly accessible section of the company's website. The malicious actor posted an entry in an attempt to trick users into clicking the following:
Which of the following was most likely observed?
Which of the following is a reason why a forensic specialist would create a plan to preserve data after an incident and prioritize the sequence for performing forensic analysis?
During an incident, an EDR system detects an increase in the number of encrypted outbound connections from multiple hosts. A firewall is also reporting an increase in outbound connections that use random high ports. An
analyst plans to review the correlated logs to find the source of the incident. Which of the following tools will best assist the analyst?
An organization is having difficulty correlating events from its individual AV. EDR. DLP. SWG. WAF, MDM. HIPS, and CASB systems. Which of the following is the best way to improve the situation?